dcsimg
 
 
 
 
 
 

Spending Your Budget on the Right Security Tools

 
 
By Karen A. Frenkel
 
 
 
 
 
 
 
 
 
  • Previous
    Spending Your Budget on the Right Security Tools
    Next

    Spending Your Budget on the Right Security Tools

    The cost of cyber-crime increases, yet firms still misdirect their priorities by spending on ineffective security tools instead of investing in new technologies.
  • Previous
    Successful Breaches Per Company
    Next

    Successful Breaches Per Company

    Successful breaches per company have risen 27% annually, from an average of 102 to 130. Ransomware attacks alone have doubled from 13% to 27%.
  • Previous
    Information Loss Was Largest
    Next

    Information Loss Was Largest

    Information loss represented the largest cost component, rising from 35% in 2015 to 43% in 2017.
  • Previous
    Spending Too Much On Wrong Tech
    Next

    Spending Too Much On Wrong Tech

    Of nine security technologies, five had a negative value gap: The percentage spending level was higher than the relative value to the business. Advanced perimeter controls: -4, Extensive use of data loss prevention: -4, Deployment of governance, risk, compliance: -3, Extensive deployment of encryption: -2, Automated policy management: -1
  • Previous
    Technologies That Help
    Next

    Technologies That Help

    Three technologies had positive rank ordering by spending levels and cost savings. Security intelligence systems: +6, Use of cyber-analytics and user behavior analytics: +5, Automation, orchestration and machine learning: +3, Advanced identity and access governance: =
  • Previous
    Widely Deployed Security Tech
    Next

    Widely Deployed Security Tech

    The two most widely deployed security technologies are security intelligence systems (67%) and advanced identity and access governance (63%). They deliver cost savings of $2.8 million and $2.4 million, respectively.
  • Previous
    No Fast Tracks
    Next

    No Fast Tracks

    Spending on governance, risk and compliance technologies and automated policy management is not a fast track to increased security. They showed the lowest effectiveness in reducing cyber-crime costs (9% and 7%, respectively) out of nine security technologies.
  • Previous
    Focus on Tech Innovations
    Next

    Focus on Tech Innovations

    Innovative technologies are generating the highest ROIs, yet investment in them is low. Cyber-analytics and user behavior analytics, as well as automation orchestration and machine learning ranked lowest for deployment (32% and 28%, respectively), but they provide the third and fourth highest cost savings.
  • Previous
    Recommendation
    Next

    Recommendation

    Build cyber-security on a strong foundation. Invest in security intelligence and advanced access management, and recognize the need to innovate.
  • Previous
    Recommendation
    Next

    Recommendation

    Perform extreme pressure testing. Don't rely on compliance alone to enhance your security profile. Use extreme pressure testing to identify even the most highly motivated attacker.
  • Previous
    Recommendation
    Next

    Recommendation

    Invest in innovation. Balance investments in analytics and artificial intelligence to enhance program effectiveness and scale value.
 

Companies worldwide are hemorrhaging money as a result of cyber-attacks and misdirected investments in inefficient and ineffective security capabilities, according to a new report. These companies are losing as much is $11.7 million per business annually. That's an increase of 62 percent in five years and $2.4 million per incident, according to the research report published by Accenture and the Ponemon Institute. The report, "2017 Cost of Cyber-Crime Study," found that the number of cyber-attacks has shown "no sign of slowing down" since 2009. "As this research shows, making wise investments in innovation can certainly help make a significant difference when cyber-criminals strike," said Kelly Bissell, managing director of Accenture Security. "Keeping pace with these more sophisticated and highly motivated attacks demands that organizations adopt a dynamic, nimble security strategy that builds resilience from the inside out—versus only focusing on the perimeter—with an industry-specific approach that protects the entire value chain, end to end." The report surveyed 2,182 security and IT professionals over a 10-month period in 254 organizations in Australia, France, Germany, Italy, Japan, the United Kingdom and the United States.

 
This article was originally published on 10-23-2017
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.